Related
Plagiarism will not be tolerated on XDA-Developers:
http://forum.xda-developers.com/showpost.php?p=35640046&postcount=36
Reserved - Possible Updates Using Cygwin
I'm gonna take this one just in case as well
Thx for the app but i have an empty ramdisk folder...and all of the ramdisk files can't created or newer or same age version exists...cydwin won't let me copy the log...im using huawei not SE phone..if it has something to do!! But i can see the contents at boot.img-ramdisk.gz
Thanks but please mirror to other filehoster because mf is buggy on my phone
Sent from my WT19i using xda premium
$ ./extractboot boot.img
./extractboot: ./split_bootimg.pl: /usr/bin/perl: bad interpreter: Permission denied
./extractboot: line 17: cpio: command not found
gzip: ../../boot.img-ramdisk.gz: No such file or directory
what i missed here?
edit: opps. missed the REQUIRED packages. testing again.
$ ./extractboot boot.img
Android Magice not found in ./boot.img/ Giving up.
gzip: ../../boot.img-ramdisk.gz: unexpected end of file
cpio: premature end of archive
Any help with this error? I am trying to split and edit a custom CM9/ICS boot.img
very useful tool, thanks
This isn't working for me on my htc evo 4g lte. I am unpacking the stock boot.img and then repacking it with NO changes and get bootloops.
your image png should not exceed 20KB and your logo.rle should not exceed 60kb Otherwise you will almost always bootloop
stef67000 said:
your image png should not exceed 20KB and your logo.rle should not exceed 60kb Otherwise you will almost always bootloop
Click to expand...
Click to collapse
I didn't change any pngs, logos, or anything. I simply unpacked, repacked, and flashed.
maxdamage2122 said:
I didn't change any pngs, logos, or anything. I simply unpacked, repacked, and flashed.
Click to expand...
Click to collapse
Check on the way your kernel should be build.. Ours use as base 0x20 but yours may change..
Sent from my LT18i using Tapatalk
jimbo77 said:
Check on the way your kernel should be build.. Ours use as base 0x20 but yours may change..
Sent from my LT18i using Tapatalk
Click to expand...
Click to collapse
Is there a way to check without the source? Source for our kernel isn't released yet.
I've tried to unpack the last boot.img from cm9 RC2 to get the new cwm 6.x but I have an issue
Code:
$ ./extractboot boot.img
Page size: 2048 (0x00000800)
Kernel size: 3229308 (0x0031467c)
Ramdisk size: 1789254 (0x001b4d46)
Second size: 0 (0x00000000)
Board name:
Command line:
Writing boot.img-kernel ... complete.
Writing boot.img-ramdisk.gz ... complete.
./extractboot: line 17: cpio: command not found
I use this way http://forum.xda-developers.com/showthread.php?t=1477845
how to change spash screen http://forum.xda-developers.com/showthread.php?t=1140406
You need to download the cpio package through cygic in order to have it fixed..
Sent from my SGS3... Yes I have it!!!!
jimbo77 said:
You need to download the cpio package through cygic in order to have it fixed..
Sent from my SGS3... Yes I have it!!!!
Click to expand...
Click to collapse
thanks
thomas.raines said:
$ ./extractboot boot.img
Android Magice not found in ./boot.img/ Giving up.
gzip: ../../boot.img-ramdisk.gz: unexpected end of file
cpio: premature end of archive
Any help with this error? I am trying to split and edit a custom CM9/ICS boot.img
Click to expand...
Click to collapse
Hello,I'm having the same error with CM9/10 ICS/JellyBean kernel boot.img,there are chances it comes from the kernel itself as it appears to be or should we better look into our configuration?
helo, i repacket doomlord kernel v22 and when im trying to flash it i got this error :
FAILED (remote: Wrong range:0x10008000-0x103202d7. Ok:0x00200000 - 0x03dfff)
It's somethink about size of kernel and "fake size maker" file, but i dont know how to fix it.
So I pulled a working one apart and replaced the kernel with the compiled one.
Code:
[email protected] ~
$ cd /boot
[email protected] /boot
$ ./extractboot boot.img
Page size: 2048 (0x00000800)
Kernel size: 4463500 (0x00441b8c)
Ramdisk size: 372027 (0x0005ad3b)
Second size: 0 (0x00000000)
Board name:
Command line: console=ttyHSL0,115200,n8 androidboot.hardware=qcom loglevel=0
Writing boot.img-kernel ... complete.
Writing boot.img-ramdisk.gz ... complete.
2881 blocks
[email protected] /boot
$ ./packboot
Using base address 0x40200000
Using command line 'console=ttyHSL0,115200,n8 androidboot.hardware=qcom loglevel=0'
No errors
I then put it back together and I'm getting the boot.img is like half the original size (even tho the kernel files were pretty close to almost deadon the same size) and when I try to send to boot I get this
Code:
>fastboot boot boot_new.img
downloading 'boot.img'...
OKAY [ 1.168s]
booting...
FAILED (remote: incomplete bootimage)
finished. total time: 1.168s
This is for a Pantech Burst (p9070) if that helps at all
Original boot.img
New repacked boot.img
environment: ubuntu 10.04 LTS 64bit
get some package
sudo apt-get install gnupg flex bison gperf build-essential \
zip curl zlib1g-dev libc6-dev lib32ncurses5-dev ia32-libs \
x11proto-core-dev libx11-dev lib32readline5-dev lib32z-dev \
libgl1-mesa-dev g++-multilib mingw32 tofrodos python-markdown \
libxml2-utils xsltproc
install git
first install some packages that git depends on:
sudo apt-get install libcurl4-gnutls-dev libexpat1-dev gettext libz-dev libssl-dev
get the new git source code from http://code.google.com/p/git-core/downloads/list.
download git-1.8.0.tar.gz
tar -xvf git-1.8.0.tar.gz
cd git-1.8.0
./configure
make
sudo make install
this will install git to /usr/local/bin/
get the kernel source code:
mkdir -p ~/android/kernel
cd ~/android/kernel
git clone https://android.googlesource.com/kernel/msm
check which version of kernel to checkout
mkdir ~/work/android/nexus4-kernel
cd ~/work/android/nexus4-kernel
git clone https://android.googlesource.com/device/lge/mako-kernel
cd mako-kernel
git log kernel
get the commit rev, which is e039dcb (nov 25, 2012), this number seems to correspond to the latest commit revision in https://android.googlesource.com/kernel/msm/android-msm-mako-3.4-jb-mr1
check out the kernel
cd ~/android/kernel/kernel_msm
git checkout <commit version>
note: commit version is e039dcb, which is the result of the git log kernel command in the previous step
install google toolchain
mkdir ~/android/toolchain
cd ~/android/toolchain
git clone https://android.googlesource.com/platform/prebuilts/gcc/linux-x86/arm/arm-linux-androideabi-4.6
add “export PATH=$PATH:~/android/toolchain/arm-linux-androideabi-4.6/bin” to ~/.profile and run source ~/.profile
setup environment variables and build
cd ~/android/kernel/kernel_msm
export ARCH=arm
export SUBARCH=arm
export CROSS_COMPILE=arm-linux-androideabi-
make mako_defconfig
make -j4
done
if you wanna thank me. go to google play and try out my app Wishlist :laugh:
https://play.google.com/store/apps/details?id=com.wish.wishlist
So with this I can make my own kernel for the Nexus 4? Hmm... will be nice to make one and get people to test it out for me lol.
I can edit the CPU, GPU, UV settings, etc? Is this only on Ubuntu or can it be done on Windows?
the kernel source is from google, but you can modify it as you wish. this is only for ubuntu. other linux environment will also work. but not windows.
You could change "make -j4" by "make -j$(grep -c ^processor /proc/cpuinfo)" ...
matt73300 said:
You could change "make -j4" by "make -j$(grep -c ^processor /proc/cpuinfo)" ...
Click to expand...
Click to collapse
that's handy to use.
But should the general rule of N in make -jN be twice the number of cpu core? for example, on my computer, I have two cores, so I use -j4.
yduck said:
that's handy to use.
But should the general rule of N in make -jN be twice the number of cpu core? for example, on my computer, I have two cores, so I use -j4.
Click to expand...
Click to collapse
Not really nice for lambda users. I think it's better when it written as I said (no need to know how many cores you have), or j# (and say replace # by 2xnumber_of_cores).
I have 8 cores on my computer, so I use j16 and it's much faster than j4, some people should know it
for some reason, the kernel I built cannot be booted.
when I did:
fastboot boot zImage
the phone stuck at the google logo.
any idea? I have seen other people in the forum built the kernel and booted it. there must be something wrong with the way I compiled the kernel, or the config is incorrect, or do I need to sign the kernel?
yduck said:
for some reason, the kernel I built cannot be booted.
when I did:
fastboot boot zImage
the phone stuck at the google logo.
any idea? I have seen other people in the forum built the kernel and booted it. there must be something wrong with the way I compiled the kernel, or the config is incorrect, or do I need to sign the kernel?
Click to expand...
Click to collapse
Is the zImage file the one found in "arch/arm/boot/zImage"? If so, then you can't use this directly in fastboot. You need to create a boot.img file.
Edit 2: You could possibly try this: " fastboot flash:raw boot <kernel> <ramdisk> ". I personally have not done, this. I created the boot.img file and flashed it.
Edit 3: Note that Edit 2 does perform a flash instead of boot, so be very wary of this. I recommend you create a boot.img file and use "fastboot boot boot.img" for testing --- it's safer that way.
dsana123 said:
Is the zImage file the one found in "arch/arm/boot/zImage"? If so, then you can't use this directly in fastboot. You need to create a boot.img file.
Edit 2: You could possibly try this: " fastboot flash:raw boot <kernel> <ramdisk> ". I personally have not done, this. I created the boot.img file and flashed it.
Edit 3: Note that Edit 2 does perform a flash instead of boot, so be very wary of this. I recommend you create a boot.img file and use "fastboot boot boot.img" for testing --- it's safer that way.
Click to expand...
Click to collapse
great suggestion. I just figured this out yesterday. as you said, fastboot boot does not work with just the zImage. it needs a boot.img.
so I created a newboot.img by packing my zImage and the ramdisk extracted from google's stock boot.img, and the newboot.img boots!
the command "fastboot flash:raw <kernel> <ramdisk>" seems simple to use. does it have an equivalent "fastboot boot: raw <kernel> <ramdisk"? so I don't need to worry about breaking my phone.
yduck said:
the command "fastboot flash:raw <kernel> <ramdisk>" seems simple to use. does it have an equivalent "fastboot boot: raw <kernel> <ramdisk"? so I don't need to worry about breaking my phone.
Click to expand...
Click to collapse
The fasboot.c source file at
https://android.googlesource.com/pl...8d27c72a03d56c1a36068a57f/fastboot/fastboot.c
indicates that there is no equivalent, although if you want to start modifying the fastboot.c code, it is probably easy enough to do so. Below is the relevant flash:raw code in fastboot.c:
} else if(!strcmp(*argv, "flash:raw")) {
char *pname = argv[1];
char *kname = argv[2];
char *rname = 0;
require(3);
if(argc > 3) {
rname = argv[3];
skip(4);
} else {
skip(3);
}
data = load_bootable_image(page_size, kname, rname, &sz, cmdline);
if (data == 0) die("cannot load bootable image");
fb_queue_flash(pname, data, sz);
Click to expand...
Click to collapse
From your post it sounds like you're using mkbootimg to create the boot image so you have what you need anyway (as long as you call mkbootimg with all the parameters corresponding to the boot header info from the boot image you extracted --- base offset, kernel offset, ramdisk offset, page offset, kernel command line , etc).
I've just added this guide to the Nexus 4 Complete Index
Sent from my GT-I9100 using xda premium
KidCarter93 said:
I've just added this guide to the Nexus 4 Complete Index
Sent from my GT-I9100 using xda premium
Click to expand...
Click to collapse
awesome! my post got into the index. I am so excited.:cyclops:
Thanks- although cdesai already made one
cdesai's thread here
yduck said:
great suggestion. I just figured this out yesterday. as you said, fastboot boot does not work with just the zImage. it needs a boot.img.
so I created a newboot.img by packing my zImage and the ramdisk extracted from google's stock boot.img, and the newboot.img boots!
the command "fastboot flash:raw <kernel> <ramdisk>" seems simple to use. does it have an equivalent "fastboot boot: raw <kernel> <ramdisk"? so I don't need to worry about breaking my phone.
Click to expand...
Click to collapse
I wonder if this is the correct way of making boot.img. I heard kernel image and ramdisk are related, if you modify and recompile the kernel and pack it with an old ramdisk, it may not boot. Is it true? what's the standard way of making boot.img? Is there a method to make our own ramdisk, instead of extracting it from google's stock boot.img?
yduck said:
setup environment variables and build
cd ~/android/kernel/kernel_msm
export ARCH=arm
export SUBARCH=arm
export CROSS_COMPILE=arm-linux-androideabi-
make mako_defconfig
make -j4
Click to expand...
Click to collapse
Based in part on this documentation, I have created a HOWTO on building the system.img and boot.img files (for fastboot) with a single "make" call. Checkout: http://nosemaj.org/howto-build-android-nexus-4 .
Hi, I have two strange problems when trying to compile the mako kernel source. My setup:
Ubuntu 10.04, 64-bit (succesfully compiled a GB kernel for another device with this setup, using Google gcc 4.4.3 and Linaro gcc 4.6.2)
Kernel source from https://android.googlesource.com/kernel/msm, HEAD @ 7ce11cd - this is the android-msm-mako-3.4-jb-mr1.1 branch, wich should be identical to the kernel shipped with 4.2.2
Google gcc 4.6.x from https://android.googlesource.com/platform/prebuilts/gcc/linux-x86/arm/arm-linux-androideabi-4.6, also jb-mr1.1-release
No changes to the source, yet
There are two problems when compiling. First, there is this error
Code:
error: the frame size of XXXX bytes is larger than 1024 bytes
which is caused by 'CONFIG_FRAME_WARN=1024'. This value is not set in mako_defconfig, but seems to be the default for gcc 4.6 and is written to the .config when running make mako_defconfig. I am able to bypass this by setting 'CONFIG_FRAME_WARN=2048', but question is: Why do I need to? The stock kernel on my device running 4.2.2 has been compiled with 'CONFIG_FRAME_WARN=1024'.
The second problem are warnings of the type
Code:
warning: unwinding may not work because EXIDX input section XX of arch/arm/.../YYY.o is not in EXIDX output section
These can be suppressed by setting '# CONFIG_ARM_UNWIND is not set' and adding 'CONFIG_FRAME_POINTER=y'. But again, the stock kernel is compiled with 'CONFIG_ARM_UNWIND=y' and obviously, the Google guys didn't have this problem. What's wrong with my setup?
add “export PATH=$PATH:~/android/toolchain/arm-linux-androideabi-4.6/bin” to ~/.profile and run source ~/.profile
I can't figure out why but I keep getting a no command 'add' found
Sent From My Paranoid Nexus
atomilluminati said:
add “export PATH=$PATH:~/android/toolchain/arm-linux-androideabi-4.6/bin” to ~/.profile and run source ~/.profile
I can't figure out why but I keep getting a no command 'add' found
Sent From My Paranoid Nexus
Click to expand...
Click to collapse
Thanks for the response. The path to the compiler is defined in my kernel build script. Do I have to change it in my .profile, too?
XDA_Bam said:
Thanks for the response. The path to the compiler is defined in my kernel build script. Do I have to change it in my .profile, too?
Click to expand...
Click to collapse
Actually this was supposed to be a question...my bad... I keep getting to that line in the OP's instructions and can't get past it
Sent From My Paranoid Nexus
atomilluminati said:
Actually this was supposed to be a question...my bad... I keep getting to that line in the OP's instructions and can't get past it
Sent From My Paranoid Nexus
Click to expand...
Click to collapse
Hehe Okay, the answer is that you have to open the ~/.profile and manually add in a text editor the line given in the OP. The file should be in your profile folder (/home/your_user_name/). After this, save, close and run
Code:
source ~/.profile
in the terminal. That should do it, as far as I understood.
Hi All,
I am working on MotoX kernel(3.4.42) , after compilation of kernel source code i am able to generate zImage. I have written zImage to original boot.img using following command
$ abootimg -u boot.img -k zImage
with this boot.img(with custom zImage) I flashed using following command
$fastboot flash boot boot.img
After booting my MotoX phone , my touch screen is not responding. I observed touch screen I2c driver is not initilized because device tree image(dt.img) is not loading by zImage during booting .
Can any one please help how to create dt.img with compiled dtb files and flash in to device???????
Thanks
Ram
516
Any one any help???????
ram1443 said:
Any one any help???????
Click to expand...
Click to collapse
im really surprised you expected most people to know the answer to your question. anyways you can rip t he prebuilt dtb from you stock boot.img using these tools right here : https://github.com/xiaolu/mkbootimg_tools and then use them to repack your zimage. abootimg isnt useful in its current form it seems.
if you wish to compile the dts files into dtb ones youll need to run a script on them, here is teh guide that taught me how to http://www.wiki.xilinx.com/Build+Device+Tree+Blob
shabbypenguin said:
im really surprised you expected most people to know the answer to your question. anyways you can rip t he prebuilt dtb from you stock boot.img using these tools right here : https://github.com/xiaolu/mkbootimg_tools and then use them to repack your zimage. abootimg isnt useful in its current form it seems.
if you wish to compile the dts files into dtb ones youll need to run a script on them, here is teh guide that taught me how to http://www.wiki.xilinx.com/Build+Device+Tree+Blob
Click to expand...
Click to collapse
Hi shabbypenguin,
Thanks for your help,
Now i am able to boot with my custom zImage and default dt.img afeter following above links. but i am unable to generate custom dt.img from my compiled dtb files.
To generate dt.img i am doing below steps:
COMMAND:
-------------
$ ./dtbTool -s 2048 -o ./dt.img -p ../../source/kernel_kitkat/out/target/product/generic/obj/kernel/scripts/dtc/ ../../source/kernel_kitkat/out/target/product/generic/obj/kernel/arch/arm/boot/
OUTPUT :
-----------
Input directory: '../../source/kernel_kitkat/out/target/product/generic/obj/kernel/arch/arm/boot/'
Output file: 'dt.img'
Found file: msm8960ab-ultra-maxx-p1.dtb ... skip, failed to scan for 'qcom,msm-id = <' tag
Found file: msm8960ab-ultram-p3.dtb ... skip, failed to scan for 'qcom,msm-id = <' tag
=> Found 0 unique DTB(s)
Can you please guide me how to generate dt.img from compiled dtb files??
Thanks
Ram
Compatible models:
Original posts by @miau9202: (Go and leave a thanks to him!)
>ZE500KL
>ZE500KG
Compatible System Version:
>WW_12.8.5.118 (Original relase)
>WW_12.8.5.156 (Tested by me and some user) [There is also the version made by @gavrila with the new kernel version, see above]
>WW_12.8.5.172 (Tested by @aschitaka and @96DANGER96 )
How To:
1 - Install adb and fastboot driver (follow THIS guide)
>Now you can connect the phone to your computer2 - Reboot in fastboot mode with one of the following method:
a -Volume Up while booting upb -With adb, after enabling USB debugging in developer settings, using:
Code:
adb reboot bootloader
3 - When you are in the bootloader, run this command:
Code:
fastboot boot mod_boot.img
IMPORTANT: DON'T FLASH IT OR YOU WILL GET BOOTLOOP!!!
>Now your phone should automatically reboot with root installed and working!
Bug:
>While not everyone had it, there was a case where com.asus.services started crashing every boot after rooting, the only way to fix it was to reflash the OTA and wipe the data partition
>While new version come out, new bug may appear, please let us know!
Note:
NO ONE IN THIS FORUM, NOR THE FORUME ITSELF, IT'S RESPONSABLE OF YOUR ACTION!
THIS GUIDE COULD BRICK YOUR PHONE, FOLLOW IT AT YOUR OWN RISK!
Download:
ZE500KL: Original Post - Mirror
ZE500KG: Original Post - Mirror
Version .156 kernel made by @gavrila: Original Post - Mirror
Tested root apps:
Code:
Link2SD - Working
ES File Browser - Working
No-frills CPU Control - Not Working (feqs locked)
ADB Shell - Working
Xposed Framework - Working
AdAway - Working
Greenify - Working
Titanium Backup - Working
ROM Toolbox - Working
To install Xposed framework go HERE!
To remove root:
1 - Download from the Asus site your firmware version or above
2 - Put it in your external sd card (IMPORTANT. It will NOT work if it's in the internal memory)
3 -Reboot your phone and enter in recovery with one of the following methods:
a -Volume Down while booting upb -With adb, after enabling USB debugging in developer settings, using:
Code:
adb reboot recovery
4 - When in recovery select "Install from zip" and select the zip you downloaded
5 - When done, wipe cache and reboot your phone. Now root is gone and all the system apps are back.
Credits:
@miau9202 - Original developer
@shakalaca - For technical and knowledge support
@Jhyrachy - Tester ZE500KL
@96DANGER96 - Tester ZE500KL
@visioncored - Tester ZE500KG
@gavrila - For updated root and twrp
Resources (for Asus ZE500KL)
> Asus Official Firmware and Kernel Source
> Original boot.img
> Decompressed original boot.img (with unpackbootimg)
> Official recovery (linked by @miau9202, credits to @shakalaca )
> Original dt.img (extracted from official recovery)
> Device Tree
> Rooted boot.img
Jhyrachy said:
Hi everybody!
First of all i want to say I'm not a "devoloper", just a guy with a phone and a little background in programming, so anything i may write is an interpretation or an idea i made up of something and probably it's wrong, so feel free to correct me (obviusly with proof and documentation)
In another thread we (people with a ze500kl) started to think a way to root our phone and made some try (especially thanks to @wiiliamchung )
Actually we menaged pretty nothing but since we are a community we can share tought and ideas to try to make something working!
For now our best bet is inspired from the root method of the ZE551ML (Point 3.1, method 2)
So we are trying to compile a new recovery to push supersu in the /system folder
@williamchung already tried compiling the CWM but it didn't worked.
Actually i'm downloading on a server the Omnirom source to compile the TWRP.
For compiling TWRP and CWM you need the boot.img, that I have extracted from the official Asus firmware , that is a simple .zip file, so i just opened it and extracted the boot.img, that you can also download HERE, if you don't want to download the 1.3Gb of firmware.
Using THIS guide we can extract the required info from boot.img and start building our recovery, at least in theory!
I'll update this post when we discover something new!
Click to expand...
Click to collapse
Nice! I used cm10.1 to compile cwm6 on the previous build and at the time of this writing, I'm compiling cwm on the cm12.1 branch. Let's just hope it works! :fingers-crossed:
Good luck on your twrp build!
Edit: I'm also doing a twrp build too. What branch are you using? I'm using Omni 5.1 or is it 5.0 I have to check again
Have you managed to extract Boardconfig.mk after all?
i had trouble dumping boot.img so i downloaded the firmware
Jhyrachy said:
Have you managed to extract Boardconfig.mk after all?
i had trouble dumping boot.img so i downloaded the firmware
Click to expand...
Click to collapse
Nope. I keep getting errors. I think I need to re-sync the branch as I think I'm missing some stuff.
wiiliamchung said:
Nope. I keep getting errors. I think I need to re-sync the branch as I think I'm missing some stuff.
Click to expand...
Click to collapse
Well, on my 30Gb server i finished the space and i needed to expand it!
Btw, download the boot.img I uploaded, maybe it will works.
Jhyrachy said:
Btw, download the boot.img I uploaded, maybe it will works.
Click to expand...
Click to collapse
Sure, I'll check it out. Did you get it from the WW…118 or the WW…106 firmware?
wiiliamchung said:
Sure, I'll check it out. Did you get it from the WW…116 or the WW…108 firmware?
Click to expand...
Click to collapse
i downloaded the WW118
UPDATE: thansk to @bigbiff and @Dees_Troy in the TWRP chat i learned that BoardConfig.mk and recovery.fstab are not included in the boot.img
I will study how to make them
Jhyrachy said:
UPDATE: thansk to @bigbiff and @Dees_Troy in the TWRP chat i learned that BoardConfig.mk and recovery.fstab are not included in the boot.img
I will study how to make them
Click to expand...
Click to collapse
This can help you
http://forum.xda-developers.com/showthread.php?t=1943625
People already compiled twrp for s4 mini plus, that has got same cpu
96DANGER96 said:
This can help you
http://forum.xda-developers.com/showthread.php?t=1943625
People already compiled twrp for s4 mini plus, that has got same cpu
Click to expand...
Click to collapse
thanks, but sadly is not just a copy paste :/
Also looks like their cpu is slightly different, but i'll take a look
96DANGER96 said:
This can help you
http://forum.xda-developers.com/showthread.php?t=1943625
People already compiled twrp for s4 mini plus, that has got same cpu
Click to expand...
Click to collapse
s4 mini is totally different in comparison of ze5500kl or ze550kl.
Jhyrachy said:
thanks, but sadly is not just a copy paste :/
Also looks like their cpu is slightly different, but i'll take a look
Click to expand...
Click to collapse
I know, but you are on the right way i think
Ok, i smashed up together what i can found about the BoardConfig.mk and make this stuff:
Code:
# Data from https://github.com/TeamWin/android_device_samsung_serranoveltexx/blob/android-4.4/BoardConfig.mk
TARGET_BOARD_PLATFORM := msm8916
TARGET_BOARD_PLATFORM_GPU := qcom-adreno306
TARGET_BOOTLOADER_BOARD_NAME := MSM8916
TARGET_ARCH := arm
TARGET_ARCH_VARIANT := armv7-a-neon
TARGET_ARCH_VARIANT_CPU := cortex-a9
TARGET_CPU_ABI := armeabi-v7a
TARGET_CPU_ABI2 := armeabi
TARGET_CPU_SMP := true
TARGET_CPU_VARIANT := cortex-a7
DEVICE_RESOLUTION := 720x1280
# Data from https://github.com/TheSSJ/device_asus_zenfone2/blob/master/BoardConfig.mk
HAVE_SELINUX := true
ANDROID_COMMON_BUILD_MK := true
TARGET_USERIMAGES_USE_EXT4 := true
BOARD_HAS_LARGE_FILESYSTEM := true
USE_OPENGL_RENDERER := true
TARGET_BOOTLOADER_IS_2ND := true
COMMON_GLOBAL_CFLAGS += -DNO_SECURE_DISCARD
BOARD_FUNCTIONFS_HAS_SS_COUNT := true
TARGET_KERNEL_CONFIG := msm8916_sec_defconfig
TARGET_KERNEL_SOURCE := kernel/asus/ze500kl
BOARD_KERNEL_IMAGE_NAME := bzImage
BOARD_FLASH_BLOCK_SIZE := 2048
BOARD_KERNEL_BASE := 0x80078000
BOARD_KERNEL_PAGESIZE := 2048
BOARD_MKBOOTIMG_ARGS := --kernel_offset 0x00008000 --ramdisk_offset 0x01f88000
#I do not understand this line at all, so if someone could help me about this would be good
BOARD_KERNEL_CMDLINE := init=/init pci=noearly loglevel=0 vmalloc=256M androidboot.hardware=mofd_v1
BOARD_KERNEL_CMDLINE += watchdog.watchdog_thresh=60 androidboot.spid=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx androidboot.serialno=01234567890123456789
BOARD_KERNEL_CMDLINE += snd_pcm.maximum_substreams=8 ip=50.0.0.2:50.0.0.1::255.255.255.0::usb0:on debug_locks=0 androidboot.selinux=permissive
#This line is provided by [user=5097283]@miau9202[/user] data
BOARD_KERNEL_CMDLINE += console=ttyHSL0,115200,n8 androidboot.console=ttyHSL0 androidboot.hardware=qcom msm_rtb.filter=0x237 ehci-hcd.park=3 androidboot.bootdevice=7824900.sdhci lpm_levels.sleep_disabled=1 earlyprintk
#change this to "twrp" to make a TWRP recovery, or any other recovery which might be released
RECOVERY_VARIANT := twrp
# TWRP
ifeq ($(RECOVERY_VARIANT),twrp)
TARGET_RECOVERY_FSTAB := device/asus/zenfone2/twrp.fstab
else
TARGET_RECOVERY_FSTAB := device/asus/zenfone2/recovery.fstab
endif
TARGET_RECOVERY_PIXEL_FORMAT := "BGRA_8888"
TW_INCLUDE_CRYPTO := true
TW_NTFS_WA := true
RECOVERY_SDCARD_ON_DATA := true
RECOVERY_GRAPHICS_USE_LINELENGTH := true
TW_FLASH_FROM_STORAGE := true
TW_INTERNAL_STORAGE_PATH := "/sdcard"
TW_INTERNAL_STORAGE_MOUNT_POINT := "sdcard"
TW_EXTERNAL_STORAGE_PATH := "/external_sd"
TW_EXTERNAL_STORAGE_MOUNT_POINT := "external_sd"
TW_NO_SCREEN_BLANK := true
TW_NO_SCREEN_TIMEOUT := true
TW_EXCLUDE_SUPERSU := true
TWRP_EVENT_LOGGING := false
TW_NO_USB_STORAGE := true
since the phone should be the same, i have some hope it would work.
Like always, no idea if is going to work.
EDIT: updated with @miau9202 data
I use the ZenFone2-boot-tools extract the boot.img and get the cmdline
here's the full info:
page_size : 2048
base_addr : 0x80078000
kernel_offset : 0x00008000
kernel_size : 16481272
ramdisk_offset : 0x01f88000
ramdisk_size : 1168673
cmdline : console=ttyHSL0,115200,n8 androidboot.console=ttyHSL0 androidboot.hardware=qcom msm_rtb.filter=0x237 ehci-hcd.park=3 androidboot.bootdevice=7824900.sdhci lpm_levels.sleep_disabled=1 earlyprintk
Click to expand...
Click to collapse
miau9202 said:
I use the ZenFone2-boot-tools extract the boot.img and get the cmdline
here's the full info:
Click to expand...
Click to collapse
you extracted them from my boot.img?
Jhyrachy said:
you extracted them from my boot.img?
Click to expand...
Click to collapse
No, it's from WW118, stock OTA package.
[EDIT]
if you need stock recovery.img, I had upload to your previous thread:
http://forum.xda-developers.com/showpost.php?p=63279307&postcount=13
miau9202 said:
No, it's from WW118, stock OTA package.
Click to expand...
Click to collapse
Ok. (it's the same i linked in the OP, btw)
I updated the Boarconfig.mk, i'll try to compile it now
I tried building a recovery with the CWM recovery builder, it should appear here:
https://builder.clockworkmod.com/done?build_id=dcb611e82f17d2a52e37bd5d29f666db
This is the build id: dcb611e82f17d2a52e37bd5d29f666db
This is the Device Tree, in case someone want to watch it!
https://github.com/Jhyrachy/Asus-Zenfone-2-ZE500KL-Device-Tree
Good luck with the project Just PM me on XDA or maybe you can find me on the TWRP chat again if you get more issues
Hi all,
I am trying to get an insecure kernel for Nexus 6, marshmallow 6.0, and I stuck at a bootloop.
The AOSP tag android-6.0.0_r1 builds without any errors. Then I flash the produced insecure boot image on a nexus 6, which had the latest 6.0 factory images.
Has anyone managed to do this procedure?
Btw, I am compiling the AOSP sources, and not the kernel sources.
In AOSP, I think, the kernel/zImage is precompiled, and the aosp build system bundles it into a boot image.
So, if someone has managed to build a working insecure boot.img from any marshmallow branch please let me know.
Or has done the same thing from kernels sources, also let me know.
EDIT:
How to compile an insecure kernel:
0. This will use the precompiled kernel found in aosp sources.
So we are not actually compiling. But this title might help some folks googling the topic.
2. modify device/<maker>/<codename>/fstab.<codename>/, and remove verify tag from system
3. make -jN bootimage
Alternatively, you can follow the procedure by ziddey, and removing the verify tag from fstab.shamu, allows the kernel to be booted!
NOTE: insecure kernel is not permissive.
How to compile a permissive kernel:
0. Now we will actually compile the kernel.
1. Download the kernel sources, and checkout the branch you want. Do these modifications.
Finally compile the kernel. (There are many tutorials for kernel compilation online)
2. copy the kernel (arch/arm/boot/zImage-dtb) to your aosp_dir/device/<maker>/<codename>-kernel/
3. Disable verification (as w/ insecure kernel)
4. make -j8 bootimage
How to compile an insecure and permissive kernel:
Not sure about this. I 'd play with configurations in aosp_dir/device/<maker>/<codename>,
or maybe try an eng build. If anyone knows just post it!
I have tried these with the kernel branch "android-msm-shamu-3.10-marshmallow-mr1",
and the aosp tag "android-6.0.1_r21".
I have also tried to unpack and repack the boot.img using unpackbootimg and mkbootimg from https://github.com/osm0sis/mkbootimg.
I have extracted ramdisk, edited the default prob, repacked ramdisk, and packed using:
Code:
mkbootimg --kernel su_boot.img-zImage --ramdisk su_boot.img-ramdisk.gz --cmdline 'console=ttyHSL0,115200,n8 androidboot.console=ttyHSL0 androidboot.hardware=shamu msm_rtb.filter=0x37 ehci-hcd.park=3 utags.blkdev=/dev/block/platform/msm_sdcc.1/by-name/utags utags.backup=/dev/block/platform/msm_sdcc.1/by-name/utagsBackup coherent_pool=8M' --base 00000000 --pagesize 2048 --kernel_offset 00008000 --ramdisk_offset 02000000 --tags_offset 01e00000 --board "" -o ins_su_boot.img
Have I missed anything?
*EDIT* also tried w/ 'abootimg'. Still no luck.
Screwing around with random files found on the internet is not going to solve your problem. Use the program from *AOSP*. And make sure your parameters match (I'm not going to verify them for you). Bootloops are always cute, what did you change? Typically running make bootimg should make you a good bootimg from AOSP sources.
Well, turns out that in this case, that assumption is not correct.
The first issue is that the verity keys are not present in a custom built boot.img. At least not ones without also involving an entire system build (not that they would match the system partition that you already have).
So to solve that, edit the fstab file in the shamu device tree to remove the verify parameter from the system partition. Once that is done, it should no longer randomly reboot.
UNFORTUNATELY, that may not be enough to make the whole thing work properly still, since there appears to be some other differences between the AOSP userdebug's boot.img and the google user build. You will be able to adb in, but the android subsystem won't run.
These utilities I have used were the ones that have been successfully used to pack/unpack boot images by others. I have also done this successfully in the past, for another device running earlier versions.
Yeap. That's the problem. A kernel build from AOSP sources does not work out of the box with the rest of the system, if it is a production build. This used to work for Lollipop, but I guess they tighten security up.
Building zImage from kernel sources is still not a solution for me, as I can't properly pack/unpack a Marshmallow boot.img
The problem might be something very stupid, OS specific, and I don't want to waste any more time on this.
For now I will live with SuperSu and adbd insecure.
Maybe at some point I might try to remove the verification to see whether the rest of the stuff play nicely.
Thanks for your time!
[edit]
Answer is root. http://forum.xda-developers.com/showpost.php?p=64110288&postcount=1283
[/edit]
I spent a while tonight trying to figure this out as well. Simply dumping boot.img and recreating it works fine. But something goes wrong when unpacking/repacking the ramdisk. Stripping bootsize from bootimg.cfg so abootimg recalculates it doesn't help.
1. I did find that mkboot "works": https://github.com/ModdingMyMind/mkbootimg_tools
Simply run `mkboot boot.img boot` to dump to dir boot. Make changes to ramdisk, and then run `mkboot boot newboot.img` to create a new image. However, for whatever reason, this causes at least one issue for me. The sbin dir, despite being 755 in the ramdisk is 750 again in Android. Not sure what's going on here since I can redump newboot.img and confirm that sbin is 755.
2. I looked at seSuperuser/super-bootimg and found https://github.com/seSuperuser/super-bootimg/blob/master/scripts/bootimg.sh
The relevant part is in doneBootImgEdit(). Looking at the comments, Husson found that appending the changes to the inflated ramdisk cpio and then deflating it works. I just tested this and indeed it does work.
Husson only appends new/changed files; as a test, I tried appending the entire new ramdisk onto the old one, and sure enough, it bugs out again. Will have to investigate why this happening later, but for now, this is good enough.
As well, abootimg also comes with the tools abootimg-pack-initrd and aboot-unpack-initrd, which takes care of gzip/cpio. Of course, since the packing part doesn't work, we can't use it.
So, here's an example. Say you want to change fstab.shamu (to remove /system verification and/or /data forced encryption):
Code:
# extract boot.img
abootimg -x boot.img
# unpack the extracted initrd.img to ramdisk dir
abootimg-unpack-initrd
cd ramdisk
# make your changes to ramdisk/fstab.shamu here....
echo fstab.shamu | cpio -o -H newc > ../initrd2
cd ..
# inflate initrd.img
cp initrd.img initrd.gz
gunzip initrd.gz
# append and create new initrd.img
cat initrd initrd2 |gzip -9 -c > newinitrd.img
# strip bootsize from bootimg.cfg
sed 1d bootimg.cfg > newbootimg.cfg
# create new boot.img
abootimg --create newboot.img -f newbootimg.cfg -k zImage -r newinitrd.img
newboot.img should be a working boot image. If modifying multiple files, it may be easiest to create a different dir with those files and use find . |cpio -o -H newc > ../initrd2
Hope this helps. And if anyone can explain why this is necessary / how to recreate initrd from scratch, I can continue being lazy.
Thanks @phhusson
[edit]
Damn. I tried applying a different init file and it ate ****.
[/edit]
ziddey said:
I spent a while tonight trying to figure this out as well. Simply dumping boot.img and recreating it works fine. But something goes wrong when unpacking/repacking the ramdisk. Stripping bootsize from bootimg.cfg so abootimg recalculates it doesn't help.
1. I did find that mkboot "works": https://github.com/ModdingMyMind/mkbootimg_tools
Simply run `mkboot boot.img boot` to dump to dir boot. Make changes to ramdisk, and then run `mkboot boot newboot.img` to create a new image. However, for whatever reason, this causes at least one issue for me. The sbin dir, despite being 755 in the ramdisk is 750 again in Android. Not sure what's going on here since I can redump newboot.img and confirm that sbin is 755.
2. I looked at seSuperuser/super-bootimg and found https://github.com/seSuperuser/super-bootimg/blob/master/scripts/bootimg.sh
The relevant part is in doneBootImgEdit(). Looking at the comments, Husson found that appending the changes to the inflated ramdisk cpio and then deflating it works. I just tested this and indeed it does work.
Husson only appends new/changed files; as a test, I tried appending the entire new ramdisk onto the old one, and sure enough, it bugs out again. Will have to investigate why this happening later, but for now, this is good enough.
As well, abootimg also comes with the tools abootimg-pack-initrd and aboot-unpack-initrd, which takes care of gzip/cpio. Of course, since the packing part doesn't work, we can't use it.
So, here's an example. Say you want to change fstab.shamu (to remove /system verification and/or /data forced encryption):
Code:
# extract boot.img
abootimg -x boot.img
# unpack the extracted initrd.img to ramdisk dir
abootimg-unpack-initrd
cd ramdisk
# make your changes to ramdisk/fstab.shamu here....
echo fstab.shamu | cpio -o -H newc > ../initrd2
cd ..
# inflate initrd.img
cp initrd.img initrd.gz
gunzip initrd.gz
# append and create new initrd.img
cat initrd initrd2 |gzip -9 -c > newinitrd.img
# strip bootsize from bootimg.cfg
sed 1d bootimg.cfg > newbootimg.cfg
# create new boot.img
abootimg --create newboot.img -f newbootimg.cfg -k zImage -r newinitrd.img
newboot.img should be a working boot image. If modifying multiple files, it may be easiest to create a different dir with those files and use find . |cpio -o -H newc > ../initrd2
Hope this helps. And if anyone can explain why this is necessary / how to recreate initrd from scratch, I can continue being lazy.
Thanks @phhusson
[edit]
Damn. I tried applying a different init file and it ate ****.
[/edit]
Click to expand...
Click to collapse
My guess, and the reason why I tried appending without further thinking, is that the new initramfs files contains SELinux labels, which standard GNU/Linux cpio tool doesn't support.
One would have to investigate the changes in mkbootfs done recently.
Also, I guess mkboot is using Android's mkbootfs, which forces the permissions by itself I think.
Though the fact that extracting back give the result you expected is weird.
In super-bootimg I chose to change init.rc to chmod /sbin
Wow. http://forum.xda-developers.com/showpost.php?p=64110288&postcount=1283
Just tested and sure enough, everything is working.
Thanks @shoey63
Hopefully a final update:
The difference is in ownership. Unpacking (cpio -i) as a regular user will not preserve the ownership. However, repacking (cpio -o) does.
To repack, add -R 0.0 to cpio (i.e. --owner root.root).
e.g.
Code:
find . |cpio -o -H newc -R 0.0 | gzip -9 > ../newinitrd.img
I just tested and this works just fine without being root.
ziddey said:
Hopefully a final update:
The difference is in ownership. Unpacking (cpio -i) as a regular user will not preserve the ownership. However, repacking (cpio -o) does.
To repack, add -R 0.0 to cpio (i.e. --owner root.root).
e.g.
Code:
find . |cpio -o -H newc -R 0.0 | gzip -9 > ../newinitrd.img
I just tested and this works just fine without being root.
Click to expand...
Click to collapse
Erf that's weird, I'm pretty sure I always ran the script as root...
Anyway, thanks for the info! I'll probably update my scripts with it
I just wanted to post that using root to extract the cpio file fixed the boot failure for me on my Nexus 9 with 6.0.1. You also need to use root to find the files and create the cpio file because some files are only accessible by root of course. I guess that should have been obvious (usually needed for /dev nodes) as @phhusson said, but this time I didn't do that until reading here.
To unpack the boot.img file I used: https://github.com/osm0sis/mkbootimg.git
To pack the boot.img file I used: https://android.googlesource.com/platform/system/core/+/master/mkbootimg
I'm not sure you need the official google packer, but I just happened to use when it worked.
EDIT: I needed to update boot.img and I tried it using the osm0sis packer and it worked.
Hey guys. Thanks for the replies!
I needed a permissive kernel this time, and I have played around with the sources and your recommendations and got it working. :good:
The post by ziddey might be the easiest way to make any kernel bootable, by disabling the verification from fstab.
(and uses just one packing/unpacking tool)
You can do the same thing from sources, again by modifying the fstab on aosp.
You can build an insecure kernel by using the pre-built kernel (is aosp),
or compile and then pack a permissive one.
This procedure wasn't working for me back then when I tried it (hence this thread). I am not sure if it was my fault or the initial marshmallow release had differences from the sources. More info on the first post.